Menu

Tag Archives: data breach

As a result of the state’s review of the file loss, the hospital is forced to pay a $750,000 settlement. However, the true total is $475,000, which is the balance due based on the hospital’s pre-existing investment of $275,000 in technology, particularly data-handling upgrades. The remaining balance will go to enforcement payments ($250,000) and a data-security education fund ($225,000).

All companies storing personal data on Massachusetts residents have just over a month to ensure that their contractors, suppliers, technology providers and other third parties comply with a provision of a state data breach law that went into effect in March 2010

Last week, two experts with knowledge of Nasdaq OMX Groups internal investigation said that while attackers hadnt directly attacked trading servers, they had installed malware on sensitive systems, which enabled them to spy on dozens of company directors

Most importantly, the new law PDF available here, courtesy Information Law Group states that notification must be direct. Yes, it can be electronic, but it must provide a way for the notified party to follow up with questions, and give that person a point of contact who represents the company. The company contact must be accessible through toll-free telephone, not just e-mail.

Data breaches, including those originating inside and outside of the organization, continue to affect companies at an alarming rate. Nearly half a billion electronic records in the United States have been compromised over the last six years

Another week, another data breach at a major university. This week it’s Yale, which announced Friday that the names and Social Security numbers of 43,000 people affiliated with the university had been publicly viewable on Google for the past 10 months.

KPMG, which won OCR’s $9.2 million contract for HITECH-required HIPAA audits in June 2011, told the Saint Barnabas Health Care System of West Orange, NJ, in June 2010 that a KPMG employee lost an unencrypted flash drive that may have contained a list with some patient names and information about their care, Saint Barnabas reported on its website.